CHAPTER 9
TESTS OF
CONTROLS
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
1
TESTS OF CONTROLS
• Provide auditor with evidence to support their
assessment of control risk. When control risk
assessed at less than high, necessary to gather
evidence that controls are working.
• Auditor will select most efficient and effective
combination of tests of controls, and substantive
tests of transactions and balances.
• Auditor must consider:
 Design
 Operation of internal control structure
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
2
PLANNING THE SCOPE OF TESTS
OF CONTROLS
• Nature: If controls exist that auditor expects to rely
upon, undertake tests of these controls,
otherwise undertake substantive testing.
• Timing: To aid ability to meet deadlines and
scheduling of staff, tests of controls sometimes
scheduled before year-end. Testing then
extended (rolled forward) until year-end.
• Extent: For tests of controls related to documents, extent
determined by reference to sampling theory.
Controls related to accounting routines (e.g.
back reconciliations) usually tested by reperforming a small number.
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
3
TESTS OF CONTROLS
AIMED AT DESIGN
Generally include:
• Inquiries of company personnel
• Inspection of documents and reports
• Observation of the application of specific
internal control policies and procedures
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
4
TESTS OF CONTROLS AIMED AT
OPERATION
Should provide evidence that the:
• Control actually existed
• Control was effective in achieving its
objectives
• Control operated continuously
throughout the period of intended reliance
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
5
SUFFICIENCY AND
APPROPRIATENESS OF TESTS OF
CONTROLS
• Dependent on level of control risk the
tests must support
• The lower the planned assessed level
of control risk, the greater the amount
of testing that is required
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
6
OTHER FACTORS AFFECTING
SUFFICIENCY AND
APPROPRIATENESS
Auditor should also consider:
• Type and source evidence
• Timeliness
• Interrelationship of evidence
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
7
EFFECT OF DOCUMENTATION
OF CONTROLS: AUDIT TRAIL
• Methods used by auditor dependent on
whether a documentary audit trail exists
• Where no audit trail exists, greater emphasis
on:
Observation
Inquiry of the control
• If audit trail does exist:
Inspect documentation for evidence of the
control
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
8
REVENUES, RECEIVABLES AND
RECEIPTS (SALES CYCLE)
Sales cycle involves all those transactions
and events that are initiated when an entity
makes a sale. Characterised by a high
volume of routine transactions.
Audit problems tend to be related to clerical
processing rather than complex accounting
problems.
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
9
KEY FUNCTIONS IN TYPICAL
SALES CYCLE
• Order entry and order approval by
credit department
• Shipping
• Invoicing
• General ledger entry
• Accounts receivable
• Mail opening
• Cashier functions
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
10
TYPICAL CREDIT SALES
FLOWCHART
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
11
TYPICAL CASH COLLECTION
FLOWCHART
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
12
SALES CYCLE — ROUTINE AND
NON-ROUTINE TRANSACTIONS
• Routine transactions: credit sales to
customers, cash collections from customers
(flowcharts), usually strong control system,
auditor considers (and usually undertakes)
tests of controls.
• Non-routine transactions: adjustments to
sales, and provisions for doubtful debts. Less
well controlled. Where material, auditor
undertakes substantive testing.
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
13
CONTROL OBJECTIVES FOR
SALES SYSTEM
Controls are in place to ensure that:
• All sales recorded are bona fide transactions for
merchandise actually shipped to customers.
• All sales for the period of merchandise shipped are
invoiced and properly recorded in accounting
records.
• Invoices have been recorded correctly as to amount
and period and summarised correctly.
• Sales are disclosed and classified in accordance with
disclosure policies.
From Table 9.4 (p. 397)
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
14
EXAMPLE OF LINKING OBJECTIVES TO
CONTROL POLICIES AND TESTS OF
CONTROLS FOR SALES (From Table 9.4 p. 397)
Special control objectives
• All sales recorded are bona
fide transactions for
merchandise actually shipped
to customers
Common control policies
and procedures
• Policy of authorisation of
credit and terms
• Quantities shipped
periodically reconciled to
quantities invoiced
independently of shipping
and invoicing
• Monthly statements mailed
to customers
• Signed acknowledgment
that goods are received by
customers
Tests of controls
• Select a sample of sales
transactions from sales
journal (daily activity
report), check for
appropriate authorisation
and trace to shipping
document file
• Inspect reconciliation of
shipments to invoices
• Observe mailing of monthly
statements, examine
customer correspondence
file and investigate non-cash
credits to accounts
receivable
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
15
CONTROL OBJECTIVES FOR
CASH RECEIPTS SYSTEM
Controls are in place to ensure that:
• Recorded cash receipts are for collection
of receivables from customers
• All cash receipts are recorded and
deposited
• Cash receipts have been recorded
correctly as to account, amount and
period
Ref.: Table 9.5 (p. 400)
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
16
EXAMPLE OF LINKING CONTROL OBJECTIVES
TO CONTROL POLICIES TO TESTS OF
CONTROLS: CASH RECEIPTS
(Ref.: Table 9.5 p. 400)
Special control objectives
Common control policies
and procedures
• Recorded cash receipts are
for collection of receivables
from customers
• Cash receipts matched to
specific sales invoices in
posting to accounts
receivable master file
Test of controls
• Select a sample of entries
in cash receipts journal
and trace to remittance
advices or sales invoices
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
17
TYPES OF MISSTATEMENTS
IN SALES CYCLE
Generally result of:
• Clerical mistakes
• Employee fraud
• Misapplied accounting
principles
• Management fraud
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
18
EXPENDITURES, PAYABLES
AND DISBURSEMENTS
• Expenditures cycle — all transactions
and events initiated when an entity
acquires assets or services used for
cash or credit.
• Auditors (and many entities) often
separate this cycle into a number of
sub-cycles, which reflect various types
of services and assets that can be
acquired.
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
19
SUB-CYCLES IN EXPENDITURES,
PAYABLES AND DISBURSEMENTS
These sub-cycles are:
•
•
•
•
•
Payroll
Property, plant and equipment
Inventory
Income taxes
Incurrence of selling and administrative
expenses
• Miscellaneous expenses paid from petty
cash
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
20
KEY FUNCTIONS WITHIN
THE INVENTORY SUBCYCLE
• Purchasing
• Accounts payable
• Cash disbursements
function
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
21
TYPICAL PURCHASES AND CASH
PAYMENTS FLOWCHART
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
22
CONTROL OBJECTIVES IN A
PURCHASES OF INVENTORY SYSTEM
Controls are in place to ensure that:
• All recorded purchases are bona fide transactions in
that they relate to goods or services authorised or
received.
• All purchases for the period of inventory received
are recorded.
• Purchases of goods or services for inventory are
recorded correctly as to account, amount and
period, and summarised correctly.
• Purchases are disclosed and classified in accordance
with disclosure policies.
From Table 9.6 (p. 409)
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
23
EXAMPLE OF LINKING CONTROL
OBJECTIVES, CONTROLS AND TESTS OF
CONTROLS: PURCHASES
Special control objectives
Common control policies
and procedures
Tests of controls
• All recorded purchases are
bona fide transactions in that
they relate to goods or
services authorised or
received
• Goods received are counted,
inspected and compared to
purchase order before
acceptance
• Services received are
acknowledged in writing
• Comparison of purchase
order, receiving report and
supplier’s invoice and
recomputation of supplier’s
invoice before recording
liability
• Select a sample of order
entries in purchases journal,
trace back to vouchers and
inspect for existence of
supporting document
including receiving report,
ensuring agreement of
details and indication of
approval
• Observe and inquire about
receiving procedures
From Table 9.6 (p. 409)
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
24
CONTROL OBJECTIVES IN A CASH
DISBURSEMENTS SYSTEM
Controls are in place to ensure that:
• Recorded cash disbursements are for
goods or services authorised and
received.
• All cash disbursements are recorded.
• Cash disbursements are recorded
correctly as to account, amount and
period.
From Table 9.7 (p. 410)
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
25
EXAMPLE OF LINKING CONTROL OBJECTIVES,
CONTROL AND TESTS OF CONTROLS: CASH
DISBURSEMENTS (Ref.: Table 9.7 p. 410)
Special control objectives
• Recorded cash disbursements
are for goods or services
authorised and received
Common control policies
and procedures
Tests of controls
• Cheques printed or prepared
only when supporting
documents compared,
recomputed and voucher
approved
• Cheques signed only after
viewing supporting
documentation and prior
approval
• Cheque signing independent of
initiating or approving
purchases, cheque preparation
and accounting functions
• Supporting documentation
cancelled and reference to
cheque number
• Select a sample of cash
disbursement transactions
from cash payments journal
and inspect supporting
documentation for indication of
checking, review and approval,
and reperform checking
• Observe and inquire about
cheque preparation and
signing and protection of
unissued cheques
• For the sample of cash
disbursement transactions
inspect supporting documents
for cancellation, cheque
number and endorsement
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
26
POTENTIAL MISSTATEMENTS IN
EXPENDITURE CYCLE
As expenditure cycle involves disbursements
of cash there is a greater risk of fraud or
irregularity, including:
•
•
•
•
•
Classic disbursements fraud
Kickbacks
Illegal acts
Unauthorised executive perks
Kiting
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
27
SELLING AND ADMINISTRATIVE
EXPENSES
• Processing and related control policies and
procedures for selling and administrative
expenses are similar to those for purchases of
inventory.
• Auditor will normally obtain comfort from cash
disbursement testing for inventory purchases and
perform minimal testing in this area.
• Analytical procedures (e.g. comparing balance
with prior periods) widely used as a key type of
testing.
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
28
PETTY CASH DISBURSEMENTS
• Petty cash disbursements are usually
immaterial in amount and therefore few,
if any, audit procedures are applied to
this area.
• Where the area is significant, emphasis
is on ensuring appropriate procedures
are in place to safeguard cash.
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
29
PAYROLL
The payroll function is usually audited in
either of two ways (or best combination):
• Focusing on analytical procedures (there are
disaggregated and strong relationships in
this area, e.g. comparing fortnightly
payrolls); or
• An emphasis on tests of transactions over
the payroll area with a key control being
appropriate segregation of duties of hiring
function, approval of time worked, payroll
preparation and payroll distribution.
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
30
TESTS OF CONTROLS IN PAYROLL
If tests of controls are necessary the
following audit procedures may be
undertaken:
• Authorisation by supervisors of time worked
• Check signed time cards/sheets
• Use of approved pay rates (personnel
department)
• Check for reasonableness, compared with
awards
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
31
INTEREST, RENT, LEASE AND
INSURANCE PAYMENTS
Usually a substantive approach of checking
terms and conditions to contracts.
• Auditor interested in the key control of
authorisation of the contract
• Accounting treatment of leases complex, and
auditor might check controls to ensure
properly accounted for
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
32
TESTING CONTROLS IN CLIENT
COMPUTER PROGRAMS
Separate techniques have to be developed
for testing programmed controls.
These are:
• Test data
• Integrated test facility
• Controlled processing, reprocessing or parallel
processing
• Review program code and results of job
processing
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
33
TEST DATA
Figure 9.4 (p. 416)
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
34
INTEGRATED TEST FACILITY
Figure 9.5 (p.417)
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
35
AUDITING THROUGH
COMPUTER — PROCESSING
CLIENT DATA
• Controlled processing. Auditor
establishes control over processing of
client’s data.
• Controlled reprocessing. Auditor
reprocesses client data.
• Parallel processing. Simultaneously
processes client data through client and
auditor programs.
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
36
AUDITING THROUGH COMPUTER —
NON-PROCESSING APPROACHES
• Program code review. Involves reviewing
relevant code line by line, considering
whether processing steps and control
procedures are properly coded and logically
correct.
• Review of job accounting data. Involves
review printed log of jobs, looking for
excessive processing time, abnormal halts,
etc.
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
37
ADVANCED CAATs
• Systems control audit review file (SCARF)
Audit modules embedded in programs to monitor
transaction activity
• Snapshot
Transactions are tagged and then identified at
certain points during processing to see how program
is treating them
• Audit hooks
Points in program that allow auditor to insert
commands for special processing
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
38
IMPACT OF STRATEGIC BUSINESS
RISK ON TESTS OF CONTROLS
Approach increases emphasis on nonroutine transactions and decreases
emphasis on routine transactions:
• Expect a satisfactory IC structure
around routine transactions; therefore
must undertake tests of controls to
support this expectation
• Therefore either no change or
increased emphasis on tests of controls
Copyright  2003 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia by Gay & Simnett
Slides prepared by Roger Simnett
39